Elcomsoft Distributed Password Recovery Vs Hashcat (Comparisons)

Hashcat is a great, free tool competing head to head with the tools we make. We charge several hundred dollars for what, in the end, can be done with a free tool. What are the reasons for our customers to choose ElcomSoft products instead of Hashcat, and is the expense justified? We did our best to compare the two tools to help you make the informed decision.

Both Hashcat and Elcomsoft Distributed Password Recovery are tools for breaking passwords. Both tools can perform hardware-accelerated brute-force attacks using conventional video cards, and both tools can do dictionary and smart attacks. Both tools can use distributed networks to speed up the attacks, yet Hashcat needs a third-party tool for that. Both are thoroughly optimized to offer the highest performance on hundreds of file formats. On paper, the two tools have so many similarities they may look alike. The usage experience in typical use cases, however, could not be more different.

SYSTEM REQUIREMENTS

Elcomsoft Distributed Password Recovery

Elcomsoft Distributed Password Recovery is a Windows-only product. You need Windows 7, 8, 8.1 or Windows 10 to run both the server and each of the clients. If you are using distributed attacks, each of the computers comprising the distributed network must run Windows.

In addition to Windows, you need proper drivers. Elcomsoft Distributed Password Recovery is comfortable with officially released versions of NVIDIA drivers; we've seen no nasty surprises with either Studio or Gaming drivers as long as they come with CUDA. AMD drivers are a bit sketchier, so we have to test major releases for compatibility. If you're using a different GPU, the correct OpenCL driver must be installed in order for the hardware acceleration to work.

Hashcat

Hashcat is a cross-platform tool supporting all major versions of Windows, macOS, and many Linux distributions. However, you'll be hard-pressed to find one single platform on which all of the Hashcat features work. From time to time, you'll need Hashcat to use several host operating systems to perform its duties. As an example, you'll need a Mac to extract encryption metadata from FileVault disks.

In addition to the host OS, you'll also need the following to utilize some or all Hashcat features.

• git (optional but recommended)
• Perl
• Python
• C/C++ compiler, correctly configured and equipped with the required libraries. Some hash extraction utilities are available exclusively in source code with no precompiled binaries.

HARDWARE ACCELERATION

Both tools advertise hardware acceleration to speed up brute-force attacks. The devil is in the detail.

Elcomsoft Distributed Password Recovery

Elcomsoft Distributed Password Recovery offers GPU acceleration on NVIDIA video cards, while some formats can utilize AMD hardware. Our tool can also utilize OpenCL, the open standard for parallel programming of heterogeneous systems. Thanks to OpenCL support, Distributed Password Recovery can utilize the GPU units found in many Intel processors, which can deliver several times the typical performance of CPU cores. Should GPU acceleration be unavailable on a given system or for a given format, the tool transparently falls back to a CPU-only implementation.

Hashcat

Hashcat is decidedly GPU only. The tool requires an AMD or NVIDIA video card to work, and you'll need a compatible version of the graphics driver. Where Hashcat requires the use of the OpenCL runtime to interface with compatible CPUs (which we struggled to enable), Distributed Password Recovery addresses the CPU cores directly, utilizes the native CUDA for interfacing with NVIDIA boards, and uses OpenCL for everything else.

SUPPORTED FORMATS

Even the best password recovery tool is worth nothing if it does not support that one encrypted data format you urgently need to break.

On paper, Hashcat supports a larger number of formats compared to our tool. While both Hashcat and Elcomsoft Distributed Password Recovery advertise hundreds of supported formats and generally tick all the basics, our tool covers a few things that Hashcat does not. These include:

• Tally ERP 9 Vault passwords
• Hangul/Hancom Office (HanWord, HanCell)
• Intuit Quicken
• PGP secret key rings (.SKR) (passphrase recovery) (GPU accelerated)
• PGP disks with conventional encryption (.PGD) (password recovery) (GPU accelerated)
• PGP self-decrypting archives (.EXE) (password recovery)
• PGP whole disk encryption (password recovery) (GPU accelerated)
• PGP ZIP archives (.PGP) (password recovery)
• macOS keychain password (GPU accelerated)
• BlackBerry backups (.IPD, .BBB) (password recovery) (GPU accelerated)
• FileMaker
• Apple Disk Image (.DMG) passwords
• DashLane password manager
• Office 97/2003 (key search)
• PDF with 40 bit encryption (key search)
• Apple iWork (Pages, Numbers, Keynote)

SETTING UP AND INITIAL CONFIGURATION

Elcomsoft Distributed Password Recovery

The greater differences are experienced when setting up and configuring the tools for the first time. When installed on a single computer, Elcomsoft Distributed Password Recovery is essentially a plug-and-play endeavor: you download the installation file, double-click to install, then launch the product from the Windows Start menu. That's pretty much it; the tool automatically launches the required components (the client, server, and interactive management console) and detects the available acceleration resources. By the time you see the main window, the tool is ready to run your first attack.

Hashcat

Hashcat offers a typical Linux experience even if you are using it in Windows. All goes well if you already have a compatible GPU with compatible drivers. Should something go wrong, you may need to spend extra time troubleshooting. This, for example, is what we've seen when trying to benchmark Hashcat on an Intel CPU in a Windows VM.

Apparently, an OpenCL runtime is required to run attacks on Intel CPUs. Obtaining the OpenCL runtime for Intel Core was borderline amazing. The runtime is only available to developers with Intel developer accounts. Registering the account and waiting for its approval took a day; however, we were still unable to run Hashcat on that computer even with the OpenCL runtime installed.

To its credit, Hashcat would run normally in Windows once we installed a compatible NVIDIA board. We could also launch Hashcat in Linux using the same video card. This time the quest was less puzzling; all that we needed to do was to use a particular version of Ubuntu, carefully uninstall the pre-installed NVIDIA drivers (a wrong move bricks the system), add the recommended drivers repository and install the recommended driver from that repository. Piece of cake if you use NVIDIA. We failed the quest when we tried using an AMD card though.

To sum it up, you need a supported OpenCL device to use Hashcat. NVIDIA boards are supported; you'll need some luck for AMD or Intel. If you use Ubuntu, you'll require an NVIDIA board. Elcomsoft Distributed Password Recovery, on the other hand, just… works.

WORKFLOW: LAUNCHING THE ATTACK

We have already noted that Hashcat is a command-line tool, while Elcomsoft Distributed Password Recovery is based on the GUI. You'd naturally expect some differences in the workflow, but there's more to that than meets the eye. The two tools are very different from the get-go.

Hashcat

Hashcat only attacks hashes; hence the name. You cannot just point Hashcat to a ZIP file or a Word document. Instead, you must first run a separate third-party script to extract the hash from the file you're about to attack. These scripts are not delivered with Hashcat, so you'll have to look for them and obtain them separately. As an example, when attacking a Microsoft Office document, you must first process the original document with office2hashcat.py.

As you can see, the script is a Python script, which means you'll have to install Python with a number of modules. On some systems, the pip module installer is not always installed with Python, so you'll have to obtain and install that (note that the workflow is different for the different host operating systems).

Once you install Python, run the script and extract the hash, you'll receive the hash string, e.g.

office$*2010*100000*128*16*a1688e8975694550a7a61b5

While "office$*2010" suggests that the hash belongs to a document saved in a certain Microsoft Office format, Hashcat won't take it for granted. When running the attack, you'll have to additionally specify the "-m 9500" parameter in the command line, which identifies the hash as an Office 2010 file. Why "9500"? Because RTFM.

Dealing exclusively with hashes has its pros and cons. The obvious drawback is the added complexity. … you name the files with hash data properly, you may get lost in which hash belongs to which file.

There is a positive side to hash-only recovery. You can keep the original files and their hashes on different computers or even in different networks. You can extract hashes in one lab and run the attack in another, or even send the hashes to a specialized password recovery service without the risk of leaking any personal or confidential information.

Elcomsoft Distributed Password Recovery

What about Elcomsoft Distributed Password Recovery? When the tool was originally released, we aimed for simplicity, allowing you to simply open a file to launch the attack, end of story. Distributed Password Recovery is smart enough to analyze the file's content, automatically detecting the correct file format even if the file was renamed or has no extension.

Since May 2020, we have optionally offered tighter control over personal information with attacks on encryption metadata. If you prefer, you can use the straightforward classic workflow, but you are no longer limited to that. You can also run the included Elcomsoft Hash Extractor tool to extract encryption metadata (a.k.a. hashes)